LEGAL, REGULATORY & COMPLIANCE CONSULTANTS

Handley Gill Limited

Our expert consultants at Handley Gill share their knowledge and advice on emerging data protection, privacy, content regulation, reputation management, cyber security, and information access issues in our blog.

Breach? Don’t preach! Take some good advice!

While few organisations have an incident response plan in place, preparing a plan (which is approved by the Board and rehearsed by relevant staff) will prepare organisations for the inevitable, helping to ensure a prompt and effective response and maximising the prospect of a swift return to operations with minimum damage.
— Handley Gill Limited

In Q4 2023, the Information Commissioner’s Office data security incident trends report revealed that it saw a 33% increase on the number of incidents reported to it, with reported cyber incidents increasing by 57%, with only those security breaches relating to personal data which were likely to pose a risk to the rights and freedom of individuals being subject to mandatory reporting requirements under Article 33 UK GDPR.

The Department for Science, Innovation and Technology’s Cyber Breaches Survey 2024 revealed that while half of businesses (50%) and around a third of charities (32%) reported having experienced some form of cyber security breach or attack in the last 12 months, just 22% of businesses and 19% of charities had formal incident response plans in place.

Department for Science, Innovation & Technology’s Cyber Security Breaches Survey 2024 results

Preparing, and rehearsing, an incident response plan in advance of an incident not only affords valuable time and composure when there may be a tendency to panic, but also ensures that vital steps aren’t missed and will help to mitigate any harm and implement remedial measures as quickly as possible.

The potential disruptive effects of a cyber attack shouldn’t be underestimated; earlier this year, the operators of the independent luxury fashion retailer Jules B announced that while they had been able to save the business they had suffered store closures and redundancies when creditors accepted a CVA they had been forced to put in place after facing insolvency due to technical disruptions and the consequent financial pressures put on the business after it suffered a cyber attack which wasn’t covered by insurance.

If your organisation has suffered a cyber security incident and/or data breach, read our Helping Hand Incident Response Plan checklist.

If you require support in preparing for and/or responding to a cyber attack and/or data breach, notifying regulators and stakeholders,  or managing the aftermath including regulatory investigations and complaints, contact us.

Find out more about our data protection and data privacy services.